Does PPACA’s Individual Mandate Violate Privacy Rights?

An entirely different approach to invalidating the individual mandate in the Patient Protection and Affordable Care Act (PPACA)(P.L. 111-148) was considered in the case of Walters et al. v. Holderby the district court in Mississippi. In Walters et al. v. Holder an argument was made that PPACA’s individual mandate violates privacy protections in the U.S. Constitution by requiring individuals to turn over their medical and financial information to either a private company, an insurance company, or a government entity, an insurance exchange when they purchase health insurance. The court concluded that while someday this issue may need to be reviewed by a court, no specifics currently exist to demonstrate how individual’s private information is being forcibly divulged in violation of the U.S. Constitution.

Privacy issue. The federal district court in Mississippi where this case was heard waited until the Supreme Court ruled in National Federation of Independent Business et al v. Sebelius on the constitutionality of the individual mandate before considering this case. The Supreme Court ruled that the penalty for not purchasing insurance as required by PPACA’s individual mandate was a tax and therefore constitutional. The Supreme Court decision though did not address any of the issues in the Walter’s case.

In determining a violation of privacy rights, a court must weigh the government’s interest in disclosure against the individual’s right to privacy. To properly conduct this analysis a court must consider the particulars of the challenged law, the nature of the information to be disclosed, the protections to be afforded to the disclosed information, and any other circumstances particular to the dispute.

Specifics required. In this case the individuals bringing the case could not show what specifics they were required to do that violated their privacy. They did not describe (1) the specifics of the financial or medical data insurance companies would require them to provide to obtain insurance; (2) the measures that would be used by insurance companies to protect their information, or the sufficiency of those measures to protect their privacy; or (3) specific application or claim processes, or medical providers billing practices or procedures that would result in their private information being divulged. In previous cases challenging a constitutional protected privacy violations, specific actions that resulted in the release of information were described in the filing.

The Health Insurance portability and Accountability Act (HIPAA)(P.L. 104-191) could provide some protections to their privacy, but to make that determination specific knowledge of the process would be required. The individuals even acknowledged that specific knowledge of this process would not be known until regulations were written on how this data would be handled. Without any evidence as to the effectiveness of HIPAA privacy protections within the context of the case, the issue becomes an abstract debate in which courts hesitate to become involved.

Future action possible. The court concluded by saying, “the issues raised by Plaintiffs may eventually become ripe for review. With the present record, however, this case presents nothing more than a hypothetical controversy over bare speculation.” The court left the door open for these individuals or others to file a new case when more specifics of the implementation were known by saying, “the individual mandate does not become effective until 2014 and Plaintiffs could always file another complaint in the future.”